Data Centric Security

Transcription

1 Data Centric Security What s wrong and what to do about it Mike Shanahan Regional Sales Manager Albert Dolan Senior Systems Engineer, EMEA

2 IT s Dirty Little Secret 30+ Years super users have been managing our servers, their configurations, and data. 100% Percent of data that super users have access to in the systems they manage. 1 Number of compromised users required to cause havoc.

3 Why is privilege so important?

4 Threat Protection Transparent Encryption Valid Users APT DBAs Application/Utility SysAdmins Outsourced /Cloud Admins Database FS Agent File Systems Volume Managers Storage Storage Storage Admins Storag e Disk Theft/ Negligence

5 New Technologies Offer Business Advantage. But come with additional risks Business Advantage New Risks Cloud Flexibility Cost efficiency Higher Data Breach Risk Data Residency/Privacy Compliance violations Big Data Deep customer profiling and relationships Business trend analysis and correlations Sensitive data is everywhere Reports and results

6 What if You could use cloud IaaS without enhanced data breach risk? Enterprise Data Center Environment Policies & Logs Management Appliance or Software VPN Link Keys Data Access Policy and Encryption Key management Encryption and Access Control - only the enterprise has access to their data Data access logs provide audit and insight into enterprise data access patterns Data cannot be legally compelled from the cloud provider

7 What if You could use cloud and still meet Data Residency/Privacy requirements? UK Local encryption key management France Local encryption key management Germany & Spain Local encryption key management for all data Tokenize PII Private Information never leaves the country

8 What if You could use SaaS Storage without risk of data exposure? Enterprise Premise Audit Data/ Access logs Personal Computers Cloud Storage DSM Mobile Devices Servers Cloud Encryption Gateway Give users access to cloud storage environments retain local control of data Data access by policy All data encrypted before it leaves the enterprise

9 What if Big Data environments were safe for data inside and out? Data Data source Analytics Logs Financial Data Structure d Database Data warehouse Reports ERP CRM Big Data PII Credit cards Unstructure d Healthcare Data Audio video Dashboards Excel, CSV Social media Logs Encrypt at OS level and Tokenize or Encrypt within application System logs Configuratio n Disk cache Error logs Protect with encryption + access controls + access monitoring at OS/File system level What if queries Encrypt at OS level and Tokenize or Encrypt within application Encryption, access controls, tokenization protect data from inside-out and outside-in

10 Vormetric Data Security Platform Vormetric Tokenization Vormetric Application Encryption Vormetric Transparent Encryption Vormetric DSM Vormetric Cloud Gateway Vormetric Key Management

11

12 2015 VORMETRIC INSIDER THREAT REPORT % Retail Polling by Harris 2015 Vormetric Insider Threat Report Healthcare IT DECISION MAKERS US, UK, Germany, Japan, ASEAN Enterprises: $200M + US $100M + UK, Germany, Japan, ASEAN Financial Services Other Enterprise Analysis and Reporting by Ovum

13 TOP IT SPENDING PRIORITIES COMPLIANCE IS LAST FOR THE FIRST TIME DATA BREACH 50% PREVENTING A DATA BREACH INCIDENT 44% PROTECTION OF CRITICAL IP 41% PROTECTION OF FINANCES AND OTHER ASSETS 32% FULFILLING REQUIREMENTS FROM CUSTOMERS, PARTNERS AND PROSPECTS 32% FULFILLING COMPLIANCE REQUIREMENTS AND PASSING AUDITS

14 A Word About Vormetric Vision To Secure the World s Information Customers Customers Across 21 Countries 17 of Fortune Cloud and Hosting Providers Global Presence Global Headquarters - San Jose, CA, USA EMEA Headquarters - Reading, United Kingdom APAC Headquarters - Singapore Data-at-Rest Protection Products Transparent Encryption, Application-layer Encryption Tokenization with Dynamic Data Masking Cloud Encryption Gateway Key Management